COVID-19: be aware of increased phishing scams and criminals pretending to be trusted partners/organizations.
Like many organizations around the world, the Global Fund partnership is a target of hoax emails, phishing scams and other fraudulent requests that are sent by email, phone calls, texts/WhatsApp messages or other channels of communication. Awareness and diligence can help you evaluate whether a message is authentic or a potential scam.
Although seemingly legitimate, these fraudulent requests sent to our partners have no connection at all with the Global Fund. They are typically unsolicited, are meant to look authentic, may include the official Global Fund logo and signatures, and might even appear as originating from an authentic Global Fund email address.
How can I tell if a message is trying to phish me?
The messages usually:
- Look identical to messages from a reputable organization (such as a medical or governmental institution)
- Sounds urgent
- Claims to enclose important or breaking news
- Asks you to click attachments and links
When reviewing emails, know that Global Fund will never:
- Request you provide your username or password via email, telephone, or any other means of communication
- Send email attachments you didn't request
- Request payments or updating of payment details using email, telephone or other channels
- Ask you to install software or request access to your computer, telephone or other devices
- Offer to organize or host events and ask you to submit payments for such services
- Charge money for recruitment purposes or make offers of employment against fees or other payment methods
- Conduct lotteries or offer prizes, grants, ask for donations, give out certificates or raise funding through email
You should always exercise caution by:
- Never downloading and opening attachments from suspicious emails
- Never clicking on links from suspicious emails
- Never entering your usernames and passwords into websites or popups you are not familiar with
Also make sure to:
- Verify any suspicious communication with your contacts at the Global Fund
- Activate multifactor authentication, a security enhancement that requires two forms of verification, wherever possible on all your email accounts. Popular options include Google Authenticator and Microsoft Authenticator. Find out more details below for Gmail, Yahoo and Microsoft:
- Ensure computer antivirus and security patches are kept up to date
- Report any suspicious or fraudulent email, invoice or recordings via the Contact Us page